Apple has a track record of bringing new technologies to the mainstream, so it wasn’t a surprise when it introduced biometric identification in 2014 to iPhones and began the “biometrics race”. Touch ID made it easy to unlock your phone by scanning your fingerprint — no passcode required.

But fingerprint scanning is only the tip of the iceberg.

The Basic Types of Biometrics

According to Dictionary.com, biometrics is “the process by which a person’s unique physical and other traits are detected and recorded by an electronic device or system as a means of confirming identity”.

As each person is unique, it follows that the best means of identifying an individual is by their physical characteristics. While there are numerous physical traits that could be used, some of the most commonly used are fingerprint recognition, voice recognition, facial recognition, and DNA verification.

Fingerprint Recognition: The most widely recognized form of biometric identification is fingerprinting. Its employment in law enforcement dates back to 1901 in the UK’s Metropolitan Police Service and its usage revolutionized criminal investigations.

DNA Verification: DNA verification isn’t something you’d likely use to unlock your phone. Widely popularized by shows like CSI, DNA verification is most commonly used in law enforcement. Each person’s DNA is unique, so even a small sample can be enough to verify the identity of an individual against a known sample.

While signature verification has been around for quite some time, the digital equivalent is starting to be developed more as there are more people who try to hide who they are online, and they often don’t realize that they are giving away their identity by the unique way that they type.

So What’s Holding Biometrics Back?

1. Fear of Surveillance

Currently one of the largest uses of biometric identification is in law enforcement.

Facial recognition in particular is becoming standard practice in proactive policing, with police in England using it at a music festival in 2014 to scan each attendee’s face and compare it against a database of known criminals.

This was certainly not the first time that facial recognition had been used on a large scale, but it was one of the most invasive as there was little justification given at the time as to why this specific festival was targeted.

2. Fear of Privacy Breaches

While you may or may not agree with government surveillance, most people are still very uncomfortable with the idea of private companies tracking their location and behavior, mainly because there is little in the way of transparency in how this information is actually stored and used.

While there are concerns about government surveillance, the idea of private companies tracking our every move tends to make people even more nervous. Retail personalization specialists RichRelevance recently did some research into how customers felt about tracking and personalization:

It’s clear from those results that the erosion of privacy is mostly what people find “creepy”, with facial recognition topping that list. If customers don’t like a certain type of biometric identification, then shops are unlikely to adopt it for fear of losing business.

There has been a stir going on in Russia recently around a site called FindFace, which uses facial recognition to crawl profiles on the Russian social network VKontakte to find any person you are looking for. It’s just one of many examples.

While a lot of the information is public, it’s the way that data is used that causes great unease.

3. ID Unreliability

Fingerprint scanners have become the go-to form of mainstream biometric identification because of their reliability compared to other methods. For example, facial recognition currently requires good lighting and positioning to give accurate results.

Voice recognition on the other hand suffers from too much audio noise. It may work well in very quiet conditions, it absolutely fails when you’re out on a busy road or in a loud nightclub. The results are inconsistent at best, but mostly just wrong.

These environmental factors limit where authentication can reliably be confirmed, limiting their convenience and usefulness. Compare this to passwords, which can be used at any time on any device under any conditions.

4. ID Theft

ID theft is one of the most stressful and worrying things that can happen. Having your identity stolen can be tough to prove, and it’s made worse by the fact that ID theft rates are increasing all over the world.

Hacks are a big obstacle for any ID verification system because once your credentials are exposed, anyone can use that information to pretend to be you.

But what if your unique physical attributes are stolen in a hack? It’s not like you can head to your local DMV and request a new face or fingerprint. It’s much easier to just log into Twitter or Facebook and change your password.

Your biometric data, on the other hand, will be the same across all sites — the only way to prevent unwanted access would be to change the authentication method altogether.

If a large scale hack were to happen to biometric data, it would be really difficult for people to verify their true identity, especially with data-linking becoming more common (i.e. all forms of identification including browsing habits, biometric data, passwords, and advertising profiles are interlinked).

5. Poor Standards

Digital standards are the reason why we can use any web browser to access the internet or any phone to make a phone call — they make sure that everything works together seamlessly.

The same can’t be said for biometrics. To date, no government has created standards for the creation, use, or storage of biometric information. Fast Identity Online (FIDO) is in the process of writing some standards, but with the current rapid proliferation of biometric consumer devices, it could end up being too little, too late.

Standards can also be used to make sure that methods of biometric identification are consistent. Fingerprints can change depending on the amount of oil in the skin or a cut on the finger. Normally, a fingerprint is turned into a small segment of data, but it doesn’t allow for changes to one’s fingerprint.

6. Biometrics Alone Aren’t Enough

India is currently in the middle of an incredibly ambitious project to catalog identification information on every single one of its 1.2 billion citizens. The system, known as Aadhaar, includes biometric information along with text information such as name, date of birth and address.

The idea behind the scheme is to make identifying individuals for benefits and government services much faster and easier.

One of the ways they are tackling biometric issues is by using multi-factor authentication where a user is identified by “who you are” (biometrics) and “what you have” (mobile device, laptop, etc). By using this system, they have created a two-factor authentication for biometric information.

The solution still suffers the pitfall of normal two-step verification: if an individual is being specifically targeted, then it may be possible to bypass both authentications.

However, if a hack were to happen and expose the data, it would certainly be a lot harder for criminals to use the information to access private information as they lack the second step needed for verification.

Too Many Issues, Right to the Core

While biometrics may not be the long term alternative to passwords, they are safer to use. Rather than seeing them as separate methods to identify that you are who you say you are, they should instead be viewed as complementary methods that can be used together to verify an individual.

Are biometrics the be-all-end-all of personal identification? Likely not. There are just too many fundamental problems to solve.

I can see why you might not want to opt-in to biometric identification but its becoming standard procedure for governments and law enforcement. Hopefully we won't end up in a position like Demolition Man.

James is a MakeUseOf staff writer from London, UK. He enjoys finding ways to make life easier by using technology. Passionate about bringing scientific and technology concepts to everyone. Also partial to a bit of meditation. Visit his website here or on Twitter here.